package com.cruise.game.common.utils;

import com.cruise.game.common.constants.SecurityConstants;
import com.cruise.game.model.entity.User;
import io.jsonwebtoken.Claims;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;

/**
 * 安全工具类
 *
 * @author cruise
 * @date 2025-02-28
 */
public class SecurityUtils {

    /**
     * 获取当前认证信息
     *
     * @return 认证信息
     */
    public static Authentication getAuthentication() {
        return SecurityContextHolder.getContext().getAuthentication();
    }

    /**
     * 获取当前用户
     *
     * @return 用户
     */
    public static UserDetails getCurrentUser() {
        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
            return (UserDetails) authentication.getPrincipal();
        }
        return null;
    }

    /**
     * 获取当前用户ID
     *
     * @return 用户ID
     */
    public static Long getCurrentUserId() {
        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
            UserDetails userDetails = (UserDetails) authentication.getPrincipal();
            return Long.valueOf(userDetails.getUsername());
        }
        return null;
    }

    /**
     * 获取当前用户角色
     *
     * @return 角色
     */
    public static String getCurrentUserRole() {
        UserDetails userDetails = getCurrentUser();
        if (userDetails != null && !userDetails.getAuthorities().isEmpty()) {
            return userDetails.getAuthorities().iterator().next().getAuthority().replace("ROLE_", "");
        }
        return null;
    }

    /**
     * 判断当前用户是否是管理员
     *
     * @return 是否是管理员
     */
    public static boolean isAdmin() {
        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getAuthorities().stream()
                    .anyMatch(authority -> "ROLE_ADMIN".equalsIgnoreCase(authority.getAuthority()));
        }
        return false;
    }

    /**
     * 判断当前用户是否是代理
     *
     * @return 是否是代理
     */
    public static boolean isAgent() {
        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getAuthorities().stream()
                    .anyMatch(authority -> "ROLE_AGENT".equalsIgnoreCase(authority.getAuthority()));
        }
        return false;
    }

    /**
     * 判断当前用户是否是普通用户
     *
     * @return 是否是普通用户
     */
    public static boolean isUser() {
        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getAuthorities().stream()
                    .anyMatch(authority -> "ROLE_USER".equalsIgnoreCase(authority.getAuthority()));
        }
        return false;
    }

    /**
     * 从JWT Claims中获取用户ID
     *
     * @param claims JWT Claims
     * @return 用户ID
     */
    public static Long getUserIdFromClaims(Claims claims) {
        return Long.valueOf(claims.getSubject());
    }

    /**
     * 从JWT Claims中获取用户角色
     *
     * @param claims JWT Claims
     * @return 用户角色
     */
    public static String getUserRoleFromClaims(Claims claims) {
        return claims.get(SecurityConstants.ROLE_CLAIMS, String.class);
    }

    /**
     * 构建用户认证信息
     *
     * @param user 用户实体
     * @return 认证信息
     */
    public static org.springframework.security.core.userdetails.User buildUserDetails(User user) {
        return new org.springframework.security.core.userdetails.User(
                user.getId().toString(),
                "", // 无密码
                true,
                true,
                true,
                true,
                org.springframework.security.core.authority.AuthorityUtils
                        .createAuthorityList("ROLE_" + user.getRole().toUpperCase()));
    }
}